New Security Runtime For SOA Infrastructures Eclipse Project

In business projects confidentiality, integrity and authenticity
of information and data have to be ensured along with protection
against Trojans, viruses and various other web-based attacks. One
security method, is the application-centric approach of manually
implementing security requirements inside the applications.
However, secRT aims to provide a comprehensive automated solution
through a platform independent runtime environment for security,
based on OSGi. Applications may access the secRT security services
via interfaces without the need for implementations of specific
mechanisms for each application.

The secRT architecture will consist of local runtime components
which act as Policy Enforcement Points. A Security Workflow Editor
will orchestrate the secRT security services. During runtime, the
secRT will automatically enforce the security policy –
configuration, deployment and realisation can be achieved without
programming effort.

Standard implementations of algorithms for cryptographic
operations will be available through the encapsulation of
cryptographic libraries via a wrapper. Daily rolling log-files will
enable analysis and error search.

secRT is being proposed as a technology project, rather than a
part of the Eclipse platform. SOA security company CORISECIO GmbH
will contribute major parts of its custom-developed security
platform into this project.